[PATCH v2] render: Fix crash in RenderAddGlyphs (#23645)

Peter Hutterer peter.hutterer at who-t.net
Tue Sep 29 22:44:07 PDT 2009


On Tue, Sep 29, 2009 at 10:29:31PM -0700, Keith Packard wrote:
> Excerpts from Peter Hutterer's message of Tue Sep 29 22:15:21 -0700 2009:
> 
> > miGlyphs seems to deal with 0-width glyphs just fine
> 
> I guess I don't understand how this can be --
> ProcRenderCompositeGlyphs passes all of the glyphs to CompositeGlyphs
> which just calls down to the Glyphs function. If that is miGlyphs,
> you've got a loop that looks like:
> 
> 	while (n--)
> 	{
> 	    glyph = *glyphs++;
> 	    pPicture = GlyphPicture (glyph)[pScreen->myNum];
> 	    ...
> 	    (uses of pPicture)
> 	}
> 
> I don't see how pPicture won't end up as NULL for zero-sized glyphs,
> which should yield a nice segfault.
> 
> Am I missing something obvious here?

Yes. The test program I used always had maskFormat == NULL on zero-sized
glyphs, not triggering the one path where pPicture is actually used. Oops.
(In the else clause the pPicture is used as mask which is allowed to be
NULL.)

Question is now what to do - simply skipping the composite call for a NULL
source should make sense, doesn't it?

Cheers,
  Peter
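
An added example, not part of the original message and not X server code: a simplified C model of the loop quoted above, showing why a test with maskFormat == NULL never reaches the NULL source and what the proposed skip changes. The types, the composite() helper and the names draw_glyphs, run_sample and DRAW_NULL_SOURCE are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins (assumptions), not the X server's real types. */
typedef struct { int width, height; } Picture;
typedef struct { Picture *picture; } Glyph;  /* NULL picture: zero-sized glyph */
enum { DRAW_NULL_SOURCE = -1 };

/* Composite model: the source is required, the mask is optional. Returns
 * DRAW_NULL_SOURCE where real code would dereference a NULL source. */
static int composite(const Picture *src, const Picture *mask, int *ops)
{
    (void)mask;                      /* a NULL mask means "no mask" */
    if (src == NULL)
        return DRAW_NULL_SOURCE;
    (*ops)++;
    return 0;
}

/* Glyph loop model. With a mask format the glyph picture is the composite
 * source; without one it is only the mask. skip_null_source enables the
 * guard proposed in the reply. Returns the number of composite operations
 * performed, or DRAW_NULL_SOURCE if a NULL source reached composite(). */
int draw_glyphs(const Picture *src, Glyph *const *glyphs, int n,
                int has_mask_format, int skip_null_source)
{
    int ops = 0;
    while (n--) {
        const Picture *pic = (*glyphs++)->picture;
        if (has_mask_format && skip_null_source && pic == NULL)
            continue;                /* nothing to draw for this glyph */
        if (has_mask_format ? composite(pic, NULL, &ops)
                            : composite(src, pic, &ops))
            return DRAW_NULL_SOURCE;
    }
    return ops;
}

/* Constructed sample: three glyphs, the middle one zero-sized. */
int run_sample(int has_mask_format, int skip_null_source)
{
    Picture src = { 16, 16 }, a = { 8, 12 }, b = { 7, 12 };
    Glyph g0 = { &a }, g1 = { NULL }, g2 = { &b };
    Glyph *const glyphs[] = { &g0, &g1, &g2 };
    return draw_glyphs(&src, glyphs, 3, has_mask_format, skip_null_source);
}

int main(void)
{
    printf("no mask format: %d, mask format: %d, mask format + skip: %d\n",
           run_sample(0, 0), run_sample(1, 0), run_sample(1, 1));
    return 0;
}
```

A regression test for this kind of bug has to exercise both paths with a zero-sized glyph in the list, since only the mask-format path uses the glyph picture as a source.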

